#866187 add torrc.d configuration directory

Package:
tor
Source:
tor
Description:
anonymizing overlay network for TCP
Submitter:
iry
Date:
2019-12-27 21:24:03 UTC
Severity:
wishlist
#866187#5
Date:
2017-06-28 02:46:21 UTC
From:
To:
Dear Maintainer,

Jigsaw52 reported[0] on Tor trac:

"A torrc.d style configuration directory could be added to the debian
packages for version 0.3.1.1-alpha and above. Since #1922[1] is now
implemented, it is easy to add this feature.

I attempted to add this feature on this branch: ​
https://github.com/Jigsaw52/debian-tor/tree/add-torrc.d"

The following is a brief introduction to the torrc.d, which has been
written in the /etc/torrc file shipped with Tor 0.3.1.1-alpha and above:

## Configuration options can be imported from files or folders using
the %include
## option with the value being a path. If the path is a file, the
options from the
## file will be parsed as if they were written where the %include
option is. If
## the path is a folder, all files on that folder will be parsed
following lexical
## order. Files starting with a dot are ignored. Files on subfolders
are ignored.
## The %include option can be used recursively.
#%include /etc/torrc.d/
#%include /etc/torrc.custom

Could you please include this important new feature into the deb
package once Debian upgrades to Tor 0.3.1.1-alpha or above?

Thank you very much for your time and effort!

Best,
iry

#866187#10
Date:
2017-07-04 15:49:07 UTC
From:
To:
Dear Peter:

Although it has not been settled down on torrc.d will be implemented in
Debian tor package, if it is the way as Jigsaw52's pull request[0], then
there will be a potential problem:

1. According to Jigsaw52's pull request, %include /etc/torrc.d will be
added to /usr/share/tor/tor-service-defaults-torrc
2. torrc files generated by users/applications go to /etc/torrc.d

Then if the user used an application to generate a torrc file with a
proxy config, let's say. And after a while, the proxy setting is no
longer needed/valid, there is no obvious way to find previous settings.
As a normal user, he/she may examine /etc/tor/torrc, but there will be
no proxy settings, which may cause a confusing and frustrating debugging
process.

Therefore, Patrick proposed the following solution[1]:

Do you think it will be a good solution? I am looking forward to a
further discussion since it is a really important feature for Debian and
its derivatives.

Thank you very much!

Best,
iry

[0]: https://github.com/Jigsaw52/debian-tor/tree/add-torrc.d
[1]: http://phabricator.kkkkkkkkkk63ava6.onion/T699

#866187#15
Date:
2017-07-04 17:14:41 UTC
From:
To:
I don't think having torrc sourced in the defaults is a good approach.

It's not clear that this is such a good idea anymore, but we should
support .d config somehow.

I'm tempted to stop shipping upstream's torrc as /etc/tor/torrc.  It's
full of options that most users should never set, and shipping an almost
empty one is much nicer.

I suspect that approximately the only thing it ought to have is the
include line.

#866187#20
Date:
2017-07-04 20:46:00 UTC
From:
To:
Peter Palfrader:

I was too afraid to suggest such as drastic change, but I like the idea
very much.

#866187#25
Date:
2017-12-17 09:06:08 UTC
From:
To:
Dear Peter,

Since it has been a while since the last discussion, I am wondering if
there is any progress on how we are going to support the torrc.d feature.

I am asking this because we would like to adopt the torrc.d feature in
Whonix 14 which is coming soon; however, as the downstream, we are too
afraid to make the decision on our own which may cause conflicts with
the upstream configuration later.

I am quoting the Whonix specific concern [0] here for your information:

Please let me know if there is anything I could help to sort out
supporting the torrc.d feature because I will be more than happy to do so!

Best,
iry


[0]:
https://forums.whonix.org/t/graphical-gui-whonix-setup-wizard-anon-connection-wizard-technical-discussion/650/377

#866187#30
Date:
2017-12-23 10:41:39 UTC
From:
To:
Hi iry,

iry:

weasel explained a while ago how he thinks this should be handled:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866187#15

Next step is probably: whoever wants to see this happen works on it
and proposes a branch or patch.

Cheers,

#866187#35
Date:
2017-12-23 14:08:00 UTC
From:
To:
Peter Palfrader:

What's wrong with that?

I guess because then users cannot easily disable parsing of /etc/torrc.d?

#866187#40
Date:
2017-12-24 16:41:00 UTC
From:
To:
Hi intrigeri!

intrigeri:
Thank you so much for your instructions.

To confirm, the implementation will be what weasel said:

I can definitely work on that once weasel confirms a /etc/tor/torrc file
with only a single include line is what we expect. Also, could you
please specify which directory will be used as torrc.d directory, weasel?

Thank you very mcuh!

Best Regards,
iry

#866187#45
Date:
2019-12-27 21:15:17 UTC
From:
To:
Hello,

This would be great!

A quick "ack" and the wanted directory name confirmed by weasel would probably
unleash this nice configuration feature quickly.
(I am willing to provide a patch, if iry is not in the mood anymore)

Cheers,
Lars